And the companies that have it aren’t protecting it
Most websites collect their users’ emails. And most don’t use basic security measures like encryption to keep that information safe from hackers.
That’s according to a new study from the research firm Clutch. They say just an email address and a name is enough for hackers to start gathering more information, which helps reaffirm that everyone is at risk of identity theft.
“When data is correlated over multiple web services, whether that is a Gmail account, a bank account, or a password retrieval from Facebook, it’s done through the email address,” says Idan Udi Edry, CEO of email security company Trustifi. “The combination of an email address and a name is enough [for a hacker] to start the reconnaissance on someone as a user.”
With email addresses being the most collected at 57 percent, respondents said names was the second most collected piece of information at 47 percent. Location was third at 45 percent.
The pieces of information least collected by websites are the ones many people would consider most dangerous — credit card information and home address.
What they collect
Here’s all the information that websites say they’re collecting, and how many do…
- Email address: 57 percent
- Name: 47 percent
- Location: 45 percent
- IP address: 42 percent
- Browser: 38 percent
- Age: 36 percent
- Interest: 36 percent
- Gender: 35 percent
- Phone number: 31 percent
- Device: 28 percent
- Language: 28 percent
- Network Service Provider: 24 percent
- Home address: 23 percent
- Credit card information: 18 percent
- Other: 1 percent (Pages accessed, RSVP, files)
- None/Unsure: 10 percent
When other people hold onto your personal information you would hope they would be safe with it, right? That’s not the case. Over 60 percent of websites say they don’t use common security measures.
Despite that high number, websites’ confidence in their security is even higher. More than 80 percent of respondents agreed that their website is secure and security measures are good.
What makes them so confident? It’s not a lack of attacks. More than 30 percent of respondents said their websites and website users have been subject to phishing scams. Twenty-two percent have been subject to identity theft, and 18 percent have been hacked.
Fifty-four percent however, say they have not been victims of such attacks.
On a positive note though, more companies are starting to improve security. Roughly one-fifth of respondents said they plan to encrypt sensitive information this year.
Companies and consumers are to blame
Data collected by the risk management company Aon shows that most companies are quick to protect their physical property, but slack in protecting their online stuff.
And it’s not just companies to blame. Many Americans have been or know someone who’s been the victim of identity theft, but still do little to protect themselves, according to credit bureau Experian. Part of this is because the majority of Americans believe hackers only want rich people’s information, which isn’t true by a long shot. You’re actually more likely to be a victim when you don’t have much money.
A lot of time, consumers make their information susceptible to hacking just for the sake of convenience, says credit card advice website CreditCards.com. Make sure you’re keeping your online data as secure as possible.
Article last modified on July 20, 2017. Published by Debt.com, LLC .